package middol.init

import grails.gorm.transactions.Transactional
import grails.plugins.redis.RedisService
import middol.auth.Authority
import middol.auth.Requestmap
import middol.auth.Role
import middol.auth.RoleAuthority
import middol.auth.User
import middol.auth.UserRole
import middol.constants.i18n.CommonConstants
import middol.sys.Org
import middol.sys.Permission
import middol.sys.RolePermission
import redis.clients.jedis.Jedis
import redis.clients.jedis.Pipeline

/**
* @Description:    初始化用户权限数据
* @Author:         zhangjiayu@middol.com
* @CreateDate:     2020/8/20 16:11
* @Version:        1.0
*/
class InitDataService {

    def springSecurityService

    RedisService redisService

    /**
     * 初始化 用户权限信息
     * @return
     */
    @Transactional
    def initAuth() {
        def adminRole
        def rootOrg
        if(Org.count() == 0){
            //清空redis 缓存
            redisService.deleteKeysWithPattern("*")

            rootOrg = new Org(code: "001", name: CommonConstants.rootOrg, orderNum: 1).save(flush: true)
            def devDep = new Org(code: "002", name: "开发部", orderNum: 1, parentOrg: rootOrg).save(flush: true)
            new Org(code: "003", name: "实施部", orderNum: 5, parentOrg: rootOrg).save(flush: true)
            new Org(code: "004", name: "项目部", orderNum: 4, parentOrg: rootOrg).save(flush: true)
            new Org(code: "005", name: "产品开发部", orderNum: 3, parentOrg: devDep).save(flush: true)
            new Org(code: "006", name: "移动开发部", orderNum: 2, parentOrg: devDep).save(flush: true)
            new Org(code: "007", name: "可视化开发部", orderNum: 1, parentOrg: devDep).save(flush: true)
        }

        if(User.count() == 0){
            //权限
            def adminAuth = new Authority(authority: 'ROLE_ADMIN').save()
            def userAuth = new Authority(authority: 'ROLE_USER').save()
            def otherAuth = new Authority(authority: 'ROLE_OTHER').save()

            //角色
            adminRole = new Role(name: "超管", code: "admin").save()
            def userRole = new Role(name: "用户", code: "user").save()
            def AQERole = new Role(name: "AQE", code: "AQE").save()
            def otherRole = new Role(name: "第三方系统", code: "other").save()

            //用户
            def admin = new User(username: "admin", name: "超管", password: "admin", email: "admin@middol.com", phoneNum: "18114470965", org: rootOrg).save()
            def user = new User(username: "user", name: "用户", password: "user", email: "user@middol.com", phoneNum: "13913346790", org: rootOrg).save()
            def other = new User(username: "other", name: "第三方", password: "other", email: "other@middol.com", phoneNum: "18762815463", org: rootOrg).save()
            def zjy = new User(username: "zjy", name: "张家余", password: "zjy", email: "zjy@middol.com", phoneNum: "13776543956", org: rootOrg).save()

            //权限和组
            RoleAuthority.create(adminRole, adminAuth)
            RoleAuthority.create(userRole, userAuth)
            RoleAuthority.create(AQERole, userAuth)
            RoleAuthority.create(otherRole, otherAuth)

            //用户和组
            UserRole.create(admin, adminRole)
            UserRole.create(user, userRole)
            UserRole.create(zjy, userRole)
            UserRole.create(other, otherRole)


            def systemSetting = new Permission(label: "系统设置", labelEn: "System Setting", type: "0", href: "", path: "", component: "").save()
            def permission = new Permission(label: "权限管理", labelEn: "System Setting", type: "1", href: "", path: "", component: "", parentPermission: systemSetting).save()
            def userMenu = new Permission(label: "用户管理", labelEn: "System Setting", type: "1", href: "", path: "", component: "", parentPermission: permission).save()
            def role = new Permission(label: "角色管理", labelEn: "System Setting", type: "1", href: "", path: "", component: "", parentPermission: permission).save()
            def menu = new Permission(label: "菜单管理", labelEn: "System Setting", type: "1", href: "", path: "", component: "", parentPermission: permission).save()
            def org = new Permission(label: "部门管理", labelEn: "System Setting", type: "1", href: "", path: "", component: "", parentPermission: permission).save()
            def system = new Permission(label: "系统管理", labelEn: "System Setting", type: "1", href: "", path: "", component: "", parentPermission: systemSetting).save()
            def loginLog = new Permission(label: "登录日志", labelEn: "System Setting", type: "1", href: "", path: "", component: "", parentPermission: system).save()
            def operationLog = new Permission(label: "操作日志", labelEn: "System Setting", type: "1", href: "", path: "", component: "", parentPermission: system).save()
            def dic = new Permission(label: "字典管理", labelEn: "System Setting", type: "1", href: "", path: "", component: "", parentPermission: system).save()
            def token = new Permission(label: "令牌管理", labelEn: "System Setting", type: "1", href: "", path: "", component: "", parentPermission: system).save()
            def quartz = new Permission(label: "Quartz管理", labelEn: "System Setting", type: "1", href: "", path: "", component: "", parentPermission: system).save()

            def otherMenu = new Permission(label: "其他", labelEn: "otherMenu", type: "0", href: "", path: "", component: "").save()
            def secondMenu = new Permission(label: "其他二级", labelEn: "otherSecondMenu ", type: "1", href: "", path: "", component: "", parentPermission: otherMenu).save()
            def second1Menu = new Permission(label: "其他三级1", labelEn: "otherSecond1Menu ", type: "1", href: "", path: "", component: "", parentPermission: secondMenu).save()
            def second2Menu = new Permission(label: "其他三级2", labelEn: "otherSecond2Menu ", type: "1", href: "", path: "", component: "", parentPermission: secondMenu).save()

//            RolePermission.create(systemSetting, adminRole)
            RolePermission.create(permission, adminRole)
            RolePermission.create(userMenu, adminRole)
            RolePermission.create(role, adminRole)
            RolePermission.create(menu, adminRole)
            RolePermission.create(org, adminRole)
            RolePermission.create(system, adminRole)
            RolePermission.create(loginLog, adminRole)
            RolePermission.create(operationLog, adminRole)
            RolePermission.create(dic, adminRole)
            RolePermission.create(token, adminRole)
            RolePermission.create(quartz, adminRole)

            RolePermission.create(second1Menu, adminRole)
            RolePermission.create(second2Menu, adminRole)

            RoleAuthority.withSession {
                it.flush()
                it.clear()
            }

            UserRole.withSession {
                it.flush()
                it.clear()
            }

            RolePermission.withSession {
                it.flush()
                it.clear()
            }
        }

        if(Requestmap.count() == 0){
            for (String url in [
                    '/', '/error', '/index', '/index.gsp', '/**/favicon.ico', '/shutdown',
                    '/assets/**', '/**/js/**', '/**/css/**', '/**/images/**','/api/login/*', '/stomp/**',
                    '/api/logout', '/oauth/*', "/download/*", '/static/**']) {
                new Requestmap(url: url, configAttribute: 'permitAll').save()
            }
            new Requestmap(url: '/api/**', configAttribute: 'permitAll').save()
            new Requestmap(url: '/webService/**', configAttribute: 'ROLE_OTHER').save()
//            new Requestmap(url: '/api/logout', configAttribute: 'isAuthenticated()').save()

            springSecurityService.clearCachedRequestmaps()
        }
    }
}
